package com.sunrise.xdoc.auth;

import java.util.Collection;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.AccessDecisionVoter;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.FilterInvocation;

import com.sunrise.xdoc.security.ISecurityVoter;

/**
 * The Class SmartVoter.
 * 
 * @author Nguyen Duc Dung
 * @since 6/9/13 8:48 PM
 */
public class SmartVoter implements AccessDecisionVoter<Object> {

    @Autowired
    private ISecurityVoter securityVoter;

    @Override
    public boolean supports(ConfigAttribute attribute) {
        return true;
    }

    @Override
    public boolean supports(Class<?> clazz) {
        return true;
    }

    @Override
    public int vote(Authentication authentication, Object object, Collection<ConfigAttribute> attributes) {
        if (object instanceof FilterInvocation) {
            String url = ((FilterInvocation) object).getRequestUrl();
            if (securityVoter.checkKey(url, "R")) {
                return ACCESS_GRANTED;
            }
        }
        return ACCESS_DENIED;
    }
}
